In recent years, Internet of Things (IoT) traffic has increased dramatically and is expected to grow further in the next future. Because of their vulnerabilities, IoT devices are often the target of cyber-attacks with dramatic consequences. For this reason, there is a strong need for powerful tools to guarantee a good level of security in IoT networks. Machine and deep learning approaches promise good performance for such a complex task. In this work, we employ state-of-art traffic classifiers based on deep learning and assess their effectiveness in accomplishing IoT attack classification. We aim to recognize different attack classes and distinguish them from benign network traffic. In more detail, we utilize effective and unbiased input data that allow fast (i.e. 'early') detection of anomalies and we compare performance with that of traditional (i.e. 'postmortem') machine learning classifiers. The experimental results highlight the need for advanced deep learning architectures fed with input data specifically tailored and designed for IoT attack classification. Furthermore, we perform an occlusion analysis to assess the influence on the performance of some network layer fields and the possible bias they may introduce.

Machine and Deep Learning approaches for IoT attack classification

Di Monda Davide;
2022

Abstract

In recent years, Internet of Things (IoT) traffic has increased dramatically and is expected to grow further in the next future. Because of their vulnerabilities, IoT devices are often the target of cyber-attacks with dramatic consequences. For this reason, there is a strong need for powerful tools to guarantee a good level of security in IoT networks. Machine and deep learning approaches promise good performance for such a complex task. In this work, we employ state-of-art traffic classifiers based on deep learning and assess their effectiveness in accomplishing IoT attack classification. We aim to recognize different attack classes and distinguish them from benign network traffic. In more detail, we utilize effective and unbiased input data that allow fast (i.e. 'early') detection of anomalies and we compare performance with that of traditional (i.e. 'postmortem') machine learning classifiers. The experimental results highlight the need for advanced deep learning architectures fed with input data specifically tailored and designed for IoT attack classification. Furthermore, we perform an occlusion analysis to assess the influence on the performance of some network layer fields and the possible bias they may introduce.
2022
978-1-6654-0926-1
Attack Classification
Deep Learning
Internet of Things
Machine Learning
Network Security
File in questo prodotto:
File Dimensione Formato  
_IEEE_INFOCOM_BigSecurity_2022__Machine_and_Deep_Learning_Approaches_for_IoT_Attack_Classification.pdf

accesso aperto

Tipologia: Documento in Post-print
Licenza: Creative commons
Dimensione 251.4 kB
Formato Adobe PDF
251.4 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11771/36319
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 49
social impact